Technology Lab —

Windows XP Service Pack 2 Beta first look

Windows XP SP2 Beta is out, and Ars has a preview heavy on the screenshots, …

Internet Explorer and Outlook Express

Internet Explorer has laid mostly dormant since reaching Version 6 in 2001. Its rendering engine has been used with newer wrappers which have provided users with additional security features and tabbed browsing. However, the average user is not going to go out of their way to find a new browser and is likely to stick with whatever his PC came with. So finally, Microsoft has addressed some oft-repeated requests. First up is the pop-up blocker. In my eyes this is huge, and is is one area that many users are going to appreciate. When you stumble on a site with a pop-up, IE plays a gentle tone and then displays an icon in its status bar.

Look! An unrequested pop-up!

If you want to view the pop-up you can click on that icon and then you are presented with these options.

Pop-up options

Currently, when I select "Show Blocked Pop-up Window" on espn.com I just see another window of what I am currently looking at. I am not sure if this related to the beta nature of this software or with a problem with the current way that pop-ups are displayed on ESPN's site.

Under the Pop-up Window Options you get the following dialogue box:

Pop-up Window Management

As I said before the pop-up blocking is huge, and I am curious what this will do to the pop-up industry.

IE has other changes besides the pop-up blocker. It now has an updated dialogue box for those websites that want to install plug-ins.

Plug-in installation dialogue

As you can see the default action is cancel now. This is another clever solution to a common problem. Clicking on the "More options" options pulldown shows another level of protection that Microsoft now defaults to.

Danger, Will Robinsion!

These are the only obvious changes at this point.

Outlook Express has also seen some modifications, one of which is that it now has the same out-of-the-box behavior as Outlook 2003: its preview window is now on lockdown. Unfortunately, Outlook Express is still sorely missing some form of a junk mail filter. I don't expect to see one in Outlook Express either as its development is basically over.

System-level protection

The largest problem that the Windows NT-based OSes have had is their susceptibility to buffer-overrun attacks. Now, the RPC mechanism in Service Pack 2 has been overhauled. No longer does it live with complete privileges and with the default firewall behavior RPC will no longer be as great a target. After the chaos that Blaster and friends wreaked with RPC, this is a good move for Microsoft. With improvements in Microsoft's compiler a lot of the OS's core components will be recompiled to help protect against buffer overruns.

One major change in the core is the addition of support for hardware-enforced no-execute. CPUs that support this feature can protect application code from data, which will help prevent attacks from viruses that work by attacking memory marked for data.

Execution protection

Unfortunately the only known XP-compatible processors that support this feature are the Athlon 64/Opteron family.

Conclusion

This release has been remarkably stable, and from my usage I am impressed with the effort Microsoft has made in this release towards solving some of the security problems that have bedeviled the OS.

In terms of new and improved features, Microsoft has focused in on the five areas covered above. First off, the built-in firewall has received a number of improvements. The one new feature that might tweak some users is the firewall being enabled by default. Be that as it may, I believe it is a significant improvement, which had it been done before, would have helped to mask many of the glaring deficiencies within the previous iterations of Windows XP. Also, the firewall is now more aggressive with the opening and closing of ports.

The improvements to Windows Update are also very encouraging. With SP2, Windows Update is more persistent about necessary reboots while being more efficient in patching. The wireless zero-configuration utility received little more than a facelift, but its better organization is a welcome change.

The biggest change in Internet Explorer is the pop-up blocker. I find it remarkable that it has taken Microsoft so long to add this functionality to its browser, but now it is here and fully functional. Outlook Express, which has long since been a culprit in the spreading of worms and viruses finally has its preview window on lockdown. No longer will it execute html attachments and display pictures linked to external files.

Finally, on the core level, Microsoft has gone back and limited the ability of RPC (the subsystem attacked by blaster) and implemented support for future hardware devices to prevent buffer overruns.

Overall, Microsoft has made a step in the right direction with this service pack. The increased focus on security will be good not only for the average user who does not spend much time thinking about securing her system, but also for "power users" and those who work supporting end users. Most of all, the firewall changes will likely prove to be the most significant improvement. Simply removing the number of potential targets will go a long way towards preventing further attacks.

While I am disappointed that some rumored features did not make it into this beta (e.g., concurrent remote desktop/console usage), I am pleased with its stability and new features. Past Windows service packs that have introduced new features generally have not been well received (anyone remember NT 4 SP2?). This may very well be the exception.